According to VPNMentor, they have discovered a database containing security logs belonging to several major hotel chains. This includes hotels run by the Pyramid Hotel Group and also several locations such as Marriott’s Aloft Hotels in Florida, Tarrytown House Estate in New York, and also several hotels in Ireland.
The leaked data came from Wazuh, an open-source intrusion detection system, which is actually rather ironic, but it’s not because of the Wazuh software. Instead, the server administrator is ultimately responsible for the server’s security.
VPNMentor has since notified the affected hotels about the breach and the database has been locked down. As to why this could potentially be a bigger issue, it is because these security logs contain information about a hotel’s security defenses.
This means that hackers who have had access to the database could, in theory, figure out what are the gaps in a hotel’s security system and thus take advantage of it. This could result in a much larger leak than before, although it is unclear if any hackers might have already taken advantage of this to date.